The Hidden Battles to Collect Your Data and Control Your World

lots of good points and calls for political action. Not the easiest book to read though (it was a slog to finish it).
But a note for those reading it on Kindle, the last third of the book is references, so don't drop it
if you're 50% of the way through and have no idea how he can go on for the rest of the book, you're almost at the end.

A must read for any one interested in Snowden universe of revelations....

Sadly is really annoying to read it in the kindle app for iOS which I did for convenience, believe me, you will really hate the store after...

Bruce Schneier (disclosure: a friend and occasional colleague) has written an essential book for our spy-happy times. He's a serious technologist who explains, in human terms, the meaning and threat of mass surveillance.

The most important part of this book, however (disclosure: I received an advance copy from his publisher), is his prescription for what we need to do. Surveillance-enabling technology isn't going away. It's getting more prevalent, and more hidden from view. And we can't sit back and expect the surveillance state to curb itself. So we need to change our norms on how we use it, but even more, we need to change our laws and rules.

Data brings power as well as frailty to humans. Data could give security strength to government but it snatches away individual freedom. What is the meaning of life in the modern age of surveillance? What kinds of checks and balances are required in terms of personal data collection, corporate data surveillance and ubiquitous mass surveillance by governments? These are the central questions addressed by the security Guru Bruce Schneier in his latest book "Data and Goliath."

In a very straight forward and convincing style, Schneier presents the causes and consequences of big data and surveillance in our day to day lives. With the help of a number of annotations and references, Schneier explains the hidden secrets of surveillance and data exploitation by different players and the plight of our freedom and privacy in this context.

When Schneier is critical of unjustified data collection and surveillance, he is not against the technology itself. He advocates that the fundamental human rights should be respected in any society. He pleads that privacy is the cornerstone of such rights. In this book, Schneier beautifully explains how privacy is an essential human need and being stripped off privacy is dehumanizing - be it a handiwork of government or an automated computer algorithm set up by corporate gainers or others. He establishes that the biggest cost of surveillance is our liberty that should be understood by everyone.

Schneier offers thoughtful recommendations and suggestions to deal with personal data and surveillance. Besides providing useful principles and solutions to reap the rightful benefits of data collection and its use, Schneier insists on the need of people's engagement with the issue to develop a healthy public opinion that will fix the contours of privacy and surveillance.

Schneier's years of experience and expertise in security and technology makes this book authentic and dependable work. This influential book will certainly enlighten both experts and common readers to understand the social and legal implications of data, surveillance, privacy and security issues. This book will be of immense use to undergraduate students and research scholars of different universities and a must for every library.

-- Dr. Pushpa Kumar Lakshmanan
(Dr. Pushpa Kumar Lakshmanan is a Fulbright scholar and a Faculty Associate at the Berkman Center for Internet and Society, Harvard Law School, Harvard University, U.S.A. He is a Research Professor at World Institute of Scientific Exploration, Baltimore, USA and Assistant Professor (Senior) at the Faculty of Law, University of Delhi. Pushpa was a Visiting Scholar at the University of Washington School of Law, University of Washington, Seattle, USA and the Cardiff Law School, Cardiff University, UK: and Research Fellow at Max Planck Institute for Comparative Public Law and International Law, Heidelberg, Germany. He specializes in international law, intellectual property law, and environmental law with broad focus on the promotion of rule of law, justice and world peace).

Bruce Schneier's book is a fantastic achievement-- extremely well written, structured, logically organized, and truly comprehensive in dealing with its timely subject matter-- how governments and corporations are increasingly monitoring citizens and appropriating our data to control and influence us. Schneier thoughtfully unpacks a diverse range of issues and challenges -- both technical, legal, political, social, etc. As someone who knows a bit about this space, I can sincerely say that I learned plenty from reading this book.

And yet, despite this broad coverage, the narrative is both practical and nimble, and accessible to a range of readers, from experts to your average consumer or citizen concerned about their privacy. Indeed, despite the complexity of what is at stake-- data surveillance-- the book never gets mired in any one issue or stuck in some technical, legal, or policy-oriented thicket. Schneier displays an uncanny economy of language in treating his subject-- he says what needs to be said, no more or less.

Most importantly, Schneier offers concrete solutions and recommendations for dealing with the challenges and threats of corporate and government data surveillance, including a great final chapter with suggestions for "the rest of us", as in, We, the People. At the same time, Schneier's evenhanded approach to the issues he tackles, often leads him to raise counter-arguments to the points he raises. This adds to the persuasiveness to his overall argument, but he also raises some disturbing realities-- like the relativity of what we feel is "creepy" or inappropriate kinds of government/corporate surveillance and related behavior. This sense of what is "creepy" will, Schneier points out, change over time, as social norms shift; so, does this mean that increasing invasive surveillance is inevitable as governments and corporations move the goal posts on what is acceptable forms of data practices, and wait for social norms to likewise shift?

Not necessarily. At least not, if we listen to Schneier, and follow his rational but impassioned call for action. Indeed, Schneier argues that we must be clear headed about the reasons why governments and corporations engage in surveillance (sometimes for good reason) but his ultimate message--- that against the abusive kinds of data surveillance and control-- we must avoid, resist, agitate for change, and not give up, is an essential one in the Post-Snowden Era. And this book, essential reading.

*******
Jon Penney is a lawyer, research fellow at the Citizen Lab, Munk School of Global Affairs, University of Toronto; a research affiliate of the Berkman Center for Internet and Society, Harvard University; and a doctoral student at the Oxford Internet Institute, University of Oxford. This review was authored by use of an advanced copy of this manuscript.

Solid book. Nothing new (in that if you have read widely on privacy and cyber issues, you likely have had most of this covered), but if you need a primer, you could do worse. Caveat: Schneier has definite opinions on the proper course of things, on the rightful balance between security and privacy, and his opinion is not tempered. He does not really set forth everything objectively to let the reader make up their own mind (this isn't hidden, so isn't as problematic as it could be). I typically prefer books that are a bit more balanced, but on the plus side Schneier is able to take complex technical information and make it easily digestible to lay audiences, the overview is wide but too long, and a reader leaves fairly well-informed about the basic issues related to data in the modern world.

Schneier provides a thorough overview of the dilemmas posed by the collection of mass data in the public and private spheres. However, his account is heavily biased and provides little practical insight. For every insight into the dangers of mass surveillance there is an authoritative claim or unsubstantiated assertion. The weakest of these assertions drift into conspiracy theory and are clearly wrong. For example, Schneier treats the NSA as a faceless monolith that seeks to collect data from every source it can, undermining the privacy of all Americans. Treating the NSA as a single nefarious entity pays little respect to the men and women who work day and night to identify and prevent terrorist attacks. There is an important debate to be had about what information intelligence analysts require to do their job, but this book is not for those looking for a balanced perspective.

Another major weakness is a clear selection bias. Schneier casually professes his support for Snowden while condemning a national security apparatus that has 17 intelligence agencies and 5 million men and women with security clearances. If there are 5 million Americans with clearances, why are there not more Snowden's coming forward to highlight abuses of power? The answer would be simple if Schneier were to think about it for a few minutes. Nearly every single American with a clearance has made the conscious decision to dedicating their lives to protecting their country. For every Snowden abusing his access to information, there are hundreds of thousands of Americans doing their job the best way they know how. There is an informed debate to be had about the dangers of big data, but the insight provided by this book is buried beneath poor analysis.

The book argues that the massive accumulation of data hurts society in several ways.

At its most basic, it violates every individual's right to privacy. It creates data troves that give governments and corporations unprecedented power over citizens. Second, it creates a false sense of safety by overemphasizing the surveillance factor of good security. Third, it confuses massive, detailed surveillance with accurate and comprehensive surveillance. This can lead to abuses of civil rigths (think of profiling).

The last part of the book proposes solution for the problems we face. Elected officials should conduct more and better oversight of security and surveillance operations by the military, by intelligence agencies, and by law enforcement agencies. They should do more to protect whistle blowers, and to make use of collected data more accountable against misuse. Industry should be better regulated to ensure citizens have a right to see any data collected on them . Citizens should also have to right to decide how data about them is used.

Finally, the author advocates activism. Citizens need to take these issues seriously and get involved in demonstrations, sit on committees, sign petitions, phone their elected representatives etc. whenever they get the chance.

Vincent Poirier, Quebec City

In Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, author Bruce Schneier could have justifiably written an angry diatribe full of vitriol against President Obama, his administration, and the NSA for their wholesale spying on innocent Americans and violations of myriad laws and the Constitution. Instead, he has written a thoroughly convincing and brilliant book about big data, mass surveillance and the ensuing privacy dangers facing everyone.

A comment like what’s the big deal? often indicates a naiveté about a serious significant underlying issue. The idea that if you have nothing to hide you have nothing to fear is a dangerously narrow concept on the value of privacy. For many people the notion that the NSA was performing spying on Americans was perceived as not being a big deal, since if a person is innocent, then what they have to worry about. In the book, Schneier debunks that myth and many others, and defends the important of privacy.

Schneier writes that privacy is an essential human need and central to our ability to control how we relate to people around us and the world at large. Being stripped of privacy is fundamentally dehumanizing and it makes no difference whether the surveillance is conducted by an undercover police officer following us around or by a computer algorithm tracking our every move online.

The book notes that much of the data sharing is done voluntarily from individuals via social media and other voluntary sharing platforms. The real danger is that the NSA has been illegally conducting mass surveillance on Americans, in violation of the Constitution and other Federal laws. And with all of that, the book notes that after spending tens of billions of dollars doing it, the NSA has little to nothing to show for its efforts.

While the NSA has often said they were just collecting metadata; Schneier writes that metadata can often be more revealing than the data itself, especially when it’s collected in the aggregate. And even more so when you have an entire population under surveillance. How big of a deal is metadata? Schneier quotes former NSA and CIA director Michael Hayden that “we kill people based on metadata”.

The book spends chapters detailing the dangers of mass data collection and surveillance. It notes that the situation is exacerbated by the fact that we are now generating so much data and storing it indefinitely. People can now search 20 years back and find details that were long thought to have been forgotten. Today’s adults were able to move beyond their youthful indiscretions; while today’s young people will not have that freedom. Their entire life histories will be on the permanent record.

Another danger of mass government surveillance is the way it leads to people being categorized and discriminated against. Since much of the data is gathered in secret, citizens don’t have the right to see or refute it. Schneier notes that this will intensify as systems start using surveillance data to make decisions automatically.

Schneier makes numerous references to Edward Snowden and views him as a hero. He views Snowden’s act as being courageous since it resulted in the global conversation about surveillance being made available. Had it not been for Snowden, this book would never have been written.

Schneier does a good job of showing how many of the methods used by the NSA were highly questionable, and based on extremely broad readings of the PATRIOT ACT, Presidential directives and other laws.

The book notes that not only has mass surveillance on US citizens provided extremely little return on the tens of billions of dollars spent; the very strategy of basing security on irrational fears is dangerous. The book notes that many US agencies were faulted after 9/11 and the Boston Marathon bombing for not connecting the dots. But connecting the dots against terrorist plots is extraordinarily difficult, if not impossible. Given the rarity of these events, the book notes that they current systems produce so many false positives as to render them useless.

Schneier straight-out says that ubiquitous surveillance and data minding are not suited for finding dedicated criminals or terrorists. The US is wasting billions on these programs and not getting the security they have been promised. Schneier suggests using the money on investigations, intelligence and emergency response; programs whose tactics have been proven to work.

Schneier makes many suggestions on how to stop the mass surveillance by the NSA. His biggest suggestion is to separate espionage agencies from the surveillance agencies. He suggests that government surveillance of private citizens should only be done as part of a criminal investigation. These surveillance activities should move outside of the NSA and the military and should instead come under the auspices of the FBI and Justice Department, which will apply rules of probable cause, due process and oversight to surveillance activities in regular open courtrooms. As opposed to the secret United States Foreign Intelligence Surveillance courts.

Schneier notes that breaking up the NSA is a long-range plan, but it’s the right one. He also suggests reducing the NSA’s budget to pre-9/11 levels, which would do an enormous amount of good.

While Schenier comes down hard on mass surveillance, he is also rational enough to know that there are legitimate needs for government surveillance, both law enforcement and intelligence needs to do this and we must recognize that. He writes that we must support legitimate surveillance and work on ways for these groups to do what they need without violating privacy, subverting security and infringing on citizens’ rights to be free of unreasonable suspicion and observation.

The book concludes with a number of things that can be done moving forward. At the personal level there is a lot people can legitimately do to stop sharing so much personal information. But for most people, they would rather reap the short-term benefits of sharing information on social media, with retailers and more; than the long-term privacy benefits.

The book also notes that much of the problem stems with federal agencies since keeping the fear stoked is big business for them. For those in the intelligence agencies, that is the basis of their influence and power. Schneier also lays some of the blame on popular media and news who stoke the irrational fears in the daily news. By fixating on rare and spectacular events, the media conditions us to behave as if terrorism were much more common than it is and to fear it far out of proportion to its actual incidence.

This is an incredibly important book. Schenier is passionate about the subject, but provides an extremely reasonably set of arguments. Superbly researched, Schneier lays out the facts in a clear, concise and extremely readable manner. The book is at times disturbing, given the scope and breadth of the NSA surveillance program.

This is the perfect book to take with you on a long flight. It’s a compelling and engrossing read, and important book and a major wake-up call. The NSA knows all about you via its many total information awareness programs. In Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, Bruce Schneier provides the total information awareness about what the NSA is doing, how your personal data is being mined, and what you can do about it.

While the NSA was never able to connect the dots of terrorists, Schneier has managed to connect the dots of the NSA. This is a book that must be read, for your freedom.

This book covers security vs surveillance & why the powers that be (3 initials) opt for surveillance. The reason is protecting their jobs rather than the public. If you've worked in government for any length of time, serving the public is not one of their strong points. They want to look over your shoulder, preferably undetected, but resist transparency in the name of "national security". In other countries & other decades, a book like this would have gotten you & your family killed. Russia's Stalin from the 30's would have given his left arm for this technology, so he could maintain 24 by 7 vigilance. Why not try Tor? Just using it identifies you as a target. Better to blend in with the crowd. There's even a song - "Safety In Numbers". Tor is slow as molasses as well.

I've learned - 1) don't go on Facebook, 2) don't use a smartphone, but do use a mobile phone 3) delete your History in YouTube, 4) delete emails & searches on Google, which Google does not make easy to do. Google offered to find my computer. They produced a photo of my patio from 40 yds away & a incorrect street address on the wrong street. Knowing this, should I switch to DuckDuckGo? Not just yet. Europe is implementing a "freedom to be forgotten" law, so they're way ahead of us. Go to YouTube & enter "Spirit - 1984". Listen to the lyrics & you'll understand what all the fuss is about. Update - 4-18 Note the latest data breech at Facebook. Go private now & use your email only.

A great basic-level overview of why Americans should be concerned about surveillance and what to do about it. (However, it does get some dings.)

The first great thing is that Schneier puts BOTH government snooping AND Big Biz snooping in the dock. Libertarians, rather than civil libertarians, who want to give Facebook and Google a pass, or data breaches that the likes of a Target could have prevented, won't like some aspects of this book.

And that's fine.

The second great thing is that Scheier talks to many of us who aren't technophobes or Luddites, but who are nowhere near tech geniuses either, about basic things we can do to at least partially protect ourselves

(I do many of these already. Ad Block, Ghostery — and also Privacy Badger on Firefox — to block tracking cookies — Ixquick or DuckDuckGo to not track search history, and HTTPS Everywhere from EFF.)

The third great thing it that the notes solutions won't be perfect and complete, and that, beyond pushing for big ticket government policy changes, on individual matters, each of us should find our our own sweet spots.

Now, the minor dings.

On products, like cookie trackers, or the two non-tracking search machines, I wish Schneier had done more product comparison. Indeed, he doesn't even mention Ixquick, just DuckDuckGo.

Second, even though FF continues to be a memory hog, I wish he had given it a plug as a better option to Chrome as a browser precisely because the Mozilla Foundation is a nonprofit org, vs. Big Google.

Third, he doesn't discuss improving online privacy rights in the context of broader issues, like whether or not the entire Internet should in some way be regulated like a common carrier, or even a full-blown utility. (I think it should.)

Fourth, even though his optimism is focused more on the longer term, I think he's more optimistic than I am. I know he is in the short term, at the end of the book, when he talks about the positive value of more medical data.

Bruce, as long as the US has a for-profit, fee-for-service health care system, one likely to invest as little on data protection as Target, any research value of more data is more than likely to be offset by breach worries.

Schneier's book is in the best tradition of muckraking--raising hell about a subject in a lively enough way so the reading public will be outraged and maybe do something about the situation. The book really has two elements, a description of past and present "battles" over information (subdivided really into corporate and government, which work closely but remain separate in these things), and a discussion on what can be done about it (both as individuals and society as a whole). There's a caveat, of course: it's rather likely that someone somewhere is keeping track of who reads this book, who buys it and what they say about the book--seriously!! But if you've looked at this book and gotten as far as a review, you're already in that database (besides the store's). Any such book as this is likely to be quickly dated by the speed of technology advance, but it remains current at the moment.

The battles are really the meat of this book; the recommendations are essentially common sense--use care with your information, consider encryption, let politicians know that privacy is important to you, act now rather than later, and realize that there are benefits to commercial collection of data (other than profitability--public convenience for one) and that there is a clear need for government interest, in the cause of public safety.

There is good grounds to be concerned. Apparently the NSA is collecting everything on everyone, and computers comb the mountain of info for clues to terrorism and crime. A problem of course is it could also comb the data for dissidence and criticism, for evidence of behaviors considered problems, even comb predictively to catch criminals, terrorists and dissidents before they become those things. An important point: with so much of what we say recorded, ten or twenty years from now you might be confronted with quotes from that data in a job interview or an officer knocking on your door. This is dangerous stuff. Me in writing this and you in reading it have essentially registered as critics of the NSA.

There's bothersome stuff. Companies have license-plate scanners out on the roads, that do instantaneous searches against a database of people who've missed or stopped paying car payments, of great interest to roaming repo outfits. Face recognition technology has the capability of assigning behaviors in pictures online with specific persons, so doing something outrageous on spring break can become part of someone's dossier on you--suppose in thirty years you run for Congress, the incident forgotten about arises. Then there's prediction based on behaviors, with apparently some law enforcement already somehow using procedures to identify criminals before they do anything criminal. This gets yet more serious: US drone strikes include "signature strikes" based on the collection of data such as age, location and other factors that make a person a terrorist, and then taking them out essentially on suspicion.

There's a great deal more in this book, including discussion of the US government's desire for keys to anything encrypted (whether under a Republican or Democrat regime seems to make no difference).

The ability to collect, store, and analyze data on an unprecedented scale is one of the -- if not "the" -- key enabling features of our digital age. The assumption is that the more data we have at our disposal, the more insights we can derive, and by that logic we ought to continue to stockpile as much of it as possible. However, at best, that's only half the story.

As Bruce Schneier points out, data collection is the "pollution problem of the information age": more data does not necessarily yield better insights; perfect memory is not always a good thing (there are many situations that are best forgotten); we (public and policy makers) are woefully behind in understanding how and where it is collected and how it's used both for and against our benefits.

Of course, you also can't discuss this topic without venturing into the world of government spying, data collection, and recent revelations about the exploits of the NSA, GCHQ, and other organizations (ab)using their capabilities. The book provides a measured analysis of all sides, with some stern warnings and advice on how and why we (as individuals) need to act to move this discussion forward.

A must read for anyone interested in the topic. And frankly, we all ought to be, as this may well define and reshape how our society operates; we need more well-informed discussions on this topic, and this book should be required reading.

I read Bruce Schneier's book Data and Goliath with great interest. It convincingly describes how unbeknownst to most we effectively live in a "surveillance society" -- from the very targeted type of surveillance undertaken by spies to the mass large-scale surveillance practiced by automated computer programs often run by companies. We get useful services in return for this bargain, but the book definitely focuses on the downside.

The book does not talk that much about the technical developments underlying the surveillance and perhaps the various technical fixes by which we might be able to have a somewhat different world. It does of course talk a bit about encryption and how useful it is. It mentions some useful practical tools that people can use, but I am sure these will become out-of-date very quickly.

The book ends with an idea that we need to regulate a lot of aspects of surveillance and privacy and the way we deal with our data exhaust in a similar way to how the Environmental Protection Agency regulates normal pollution and exhaust. We cannot imagine being in a world where people pollute the world without consequence and the author envisions that in the future we will have similar feelings about being in a world where others are allowed to snoop without check.

Altogether a very interesting read though, and I would highly recommend it to others.

Schneier demonstrates the rare talent to make sense of the distributed, parallel, and interconnected jumble of changes including varied business modes and approaches to economics and commerce, the role of human behavior, and government practices and laws, as they both drive and respond to constant technological developments — and the data they create and enable use of.

Data and Goliath is clear, accessible and engagingly written with lots of real life and everyday examples, so that it’s informative for knowledgable and novices alike, adeptly managing to cut a great path between boredom for the former and confusion for the latter. It is technically accurate, but avoids unnecessary detail, keeping the focus on how those technologies interact broadly with the other governing forces of people, business and government.

He looks at what's happening, the implications expected (and not), and a suite of responses, digging into the way technology and data interact with economics, behavior, and security. It’s not a simply story of nefarious villainy, but of the complex set of interactions that emerge from diverse drivers including convenience, technological characteristics, and conflicting governmental interests. The world is different with data that is infinitely aggregate-able, process-able, and sell-able, and thus becoming increasingly employed by all sorts of operators to predict the present and the future. These new capacities, both real and imagined, are fed by new data-generating devices and services and the associated rising power of technology intermediaries. The issues for people, business and society are exacerbated by lack of personal responsibility, security vulnerabilities, and insufficient legal and policy controls.

Schneier does not hide his strong views, but leaves you confident that they are informed by what he reports, rather than influencing what you read in order to support a particular case. Despite deep and widespread concern, he is not negative on technology per se, but clear in the urgency for us to take on pressing issues for technology to be positive on balance…which means there is a lot of work to be done.

Crisply written and well-argued, this is the essential introduction to the state of "big data" and surveillance in contemporary US society. The book tours the reader through the state of data collection and use, and the stops on this tour notably include the hidden, seamy neighborhoods that other books avoid: from obscure technical standards to out-of-sight data brokers. This breadth is something many books on the subject don't attempt. Governments! Corporations! People! Software! Databases! Security! Accountability! Democracy! Commerce! It's all here.

I want to highlight the part of the book that I found to be most useful, a true innovation and generally exemplary. This is Part Three: "What to Do About It." It is a genuinely new contribution because most books with public policy relevance tack-on some sort of quickly-written and thus half-baked agenda at the end. The editor, or the publisher, the author, or someone always thinks that books about scary societal problems shouldn't leave the reader down in the dumps at the end. They insist on some sort of "all is not lost! write your senator!" stab instead of a true concluding chapter, and the result is almost always disappointing. This book doesn't do that.

Instead, it has a chapter (12) that discusses the principles by which we should decide what to do, then a chapter each for things that should be done by (13) government, (14) corporations, and (15) individuals. Then it wraps up with a concluding chapter (16). (Although most of the things in the *by* corporations chapter actually need to be done *to* corporations by the government.) These five chapters are so important because they provide a compelling agenda that can be debated. The chapters also bring together frameworks and references from the past, helping the reader see that these problems aren't new and that there are already excellent ways to think about what should be done about them. Many of these frameworks and references (such as the 1980 OECD Privacy Framework or the US Consumer Privacy Bill of Rights) are included as sidebars. By taking a long list of positions and justifying them, this section provides a provocative way to open debates about this topic. I am a college professor and I received a review copy of this book. I will assign it with this purpose in mind.

The only negative review I see about this book so far complains that it is not deep enough, but this not a fair complaint. This is a popularizing book, intended to surface debates that have been simmering for some time, group them all together in a digestible form, and ensure that they are heard more broadly than they have been. I predict it will work. This effort is so valuable because there is really nothing like that available.

This is the most thoughtful and reasoned discussions of privacy and security issues that I have ever read.

It's unbelievably difficult to find a real, thoroughly researched discussion about privacy and security that doesn't make you feel like you're hearing from a salesman. That's true for all political issues, but I think more so for these ones. After all, the issues are complex; the sea of acronyms, jargon, and organizations is enough to make most people's eyes glaze over; and the underlying technical principled—not to mention the legal ones—are anything but accessible.

This book does an incredible job of explaining the issues in a way that genuinely feels fair: the status quo is never conflated from the likely future, which is in turn never conflated with the speculative future. Analogies and simplifications are always presented as such. Quotes and arguments are presented from both sides of debates.

This seems obvious, but it's extremely rare to find and it makes this book a gem. The result is a compelling. trustworthy, eloquent, and practical discussion about the problems our society faces when it comes to the use and misuse of data. Schneier does an excellent job of presenting a very wide range of ideas and instances of nearly everything he talks about, with specific recommendations (for everyone ranging from average Internet users to legislators) sprinkled throughout. The tone and level of detail is balanced well: you don't at all need to be technical to follow, but you won't be bored even if you're a security expert.

Highly recommended for anyone who cares about privacy or security: even a little.

This was an utterly compelling and largely balanced read. Truth, as it turns out, is indeed a little stranger than fiction. Mr. Schneier elegantly and earnestly leads us through the Cyberspace vs Privacy weeds that are the past 30 years or so with a wonderful voice and an enormous array of perfectly placed relevant facts, points, analogies and at times, tongue-in-cheek humor, as if to say, "Am I the only one who thinks all of this is just a little bit crazy". Central here is that the author has an enormously clear and circumspect grasp on his subject. In loose terms he addresses three key constituents; Government (and here, largely the NSA though other agencies occasionally feature) Corporations (largely Google, Facebook etc) and Us; you and me. In all three cases he's highly critical of the actions taken, both knowingly and unknowingly that have led to the current lay of the land with regards to how digital information about us is handled, or mishandled. In each case, however, he's also passionate about the need for, and likelihood of, meaningful change. As he notes, he's long-term optimistic / short-term pessimistic. Rather than simply bemoan the current state of affairs, Schneier articulates key concerns and frustrations clearly, but then works hard to outline what he sees as necessary correctives, some of which seem perfectly reasonable, and some of which, by his own admission, may be a bit of a reach. Whether he's talking about CALEA, the Patriot Act, legal perversions of 215, metadata and context, data mining, the importance of whistleblowers, the right to be forgotten, zero day vulnerabilities, search engines as confessionals or even a single priceless Frank Zappa quote, Schneier writes beautifully and clearly on the subject of his life's work. Here's hoping folks are listening to what this man has to say, and talking about it.

It's easy to get extreme and radical about privacy measures when putting on the tinfoil hat. Though Schneier states that he does not have a privacy invading personal facebook account, he also doesn't intend to shame those that do. He criticizes the “if you want privacy, then just opt-out” camp; that useful services that protect privacy can exist and that we should demand it, instead of opt-ing out to only then be left out. It sounds simple enough to opt-out of something like Progressives gps tracking, but since it saves customers money (debatable in the long term), the more people that opt-in just reenforces the idea of having to pay a premium for privacy.

Schneier also doesn't take a radical stance that all surveillance is bad; he describes practical and positive uses of surveillance and data gathering (medical, education methods, and even law enforcement to an appropriate degree). I also find the discussion between the balance of technology and legislation interesting; how one can always undermine the other. Telling people it's illegal to listen in on wireless calls (it's a 90's thing) wont stop the behavior, but encryption sure helped.

Schneier is a trustworthy/qualified author for this type of material, but I also appreciate the extensive notes section that is about the size of a couple of chapters on its own.

Finally, my favorite chapter was 15. If more people take some of the advice from that chapter, my level of hope will increase.

Schneier does it again. In a breezy account of the paranoiac state of surveillance today, Bruce Schneier, the renowned cyber-security expert, delivers a much needed and very accessible critique of what is wrong with the data economy today and what we might do to fix it. Ranging from the simple (put a sticker over your smartphone's camera) to the complex (policy suggestions that, if adopted, would reform the big data media landscape and its business models) to the commonsensical (just saying no when asked to divulge personal information), the argument, while not necessarily for the specialist looking for new scholarly detail, balance, or substance, strikes at the heart of the modern mediated condition of the world: we are all connected and those connections come with far greater costs to our liberties than anyone may realize. His dismaying picture is painted in perfectly reasonable tones with facts that speak for themselves. Anyone who cares about their privacy should read this book--and worry.

Fantastic book!! This book sheds light on the underpinnings of the technology we've come to rely on daily - shopping online, connecting on social networks, browsing the internet, even incessantly carrying a cell phone - and exposes the sole price of these services to consumers today - user privacy . Companies and governments alike store everything they can capture in hopes that it will someday prove useful, and are becoming increasingly more zealous to exercise greater and greater knowledge of our daily personal information. Not only does much of this data serve no good purpose, it also leaves the door wide open to abuse. In this book, Schneier considers the implications and dangers of the mass surveillance (both government and commercial) that is so inherent in our digital life today, and makes suggestions how we can evolve to more sensible policies that enable business and law enforcement, while protecting personal freedoms. This book is absolutely a must read!!

The battles are becoming less hidden. Concerns about Russian subs hunting for secure and secret undersea cable systems; Stuxnet; the use of personal data by ISIL; the massive thefts of corporate and government data or disruption of services are often with us. I don't often read on technical subjects, but enjoyed this clear description of what is coming on incredibly rapidly and its radical effect on our liberty in the struggle for security and/or privacy; and I learned what Steganography is.
It is a calm and rational description of what I find quite disorienting as I am well past a half century in this Huxleyesque world. I wrote a Cobol program once on Hollerith cards. There is some encouragement that there are people who have been able to do the right thing in honestly trying to balance the huge risk/benefit analysis that is going on. Bruce Schneier is one of them. If the data wars mean anything to you, I suggest you read the book. GJ Dickson

In "Data and Goliath,” Bruce Schneier brings his substantial credentials and scholarship to consider the consequences of surveillance, and it’s implications on privacy rights --- rights Schneier argues are the bedrock of society.

Schneier’s decades of expertise in technology and security make him uniquely qualified to weigh in on this topic. Schneier’s thought provoking, accessible, and lively writing style make “Data and Goliath” a must read for scholars and non-scholars alike.

“Data and Goliath” is for anyone who’s ever wondered, “How much does the store track me?” or, “Does Google know more about me than my mom?” (Answer: Yes.)

This ground-breaking book is essential for any discussion of data collection, surveillance, and democracy.

In light of events in San Bernardino this past week, the excerpt below is frighteningly prescient. A succession of Republican candidates on CNN saying we need to broaden the governments freedom to gather data (Ron Paul being the notable exception), while blithely ignoring the fact that the existing apparatus failed to detect the couple pledging their allegiance to ISIS on social media!

You need to buy this book!

“It’s a fear that’s stoked by the day’s news. As soon as there’s a horrific crime or a terrorist attack that supposedly could have been prevented if only the FBI or DHS had had access to some data stored by Facebook or encrypted in an iPhone, people will demand to know why the FBI or DHS didn’t have access to that data—why they were prevented from “connecting the dots.” And then the laws will change to give them even more authority. Jack Goldsmith again: “The government will increase its powers to meet the national security threat fully (because the People demand it).”

Excerpt From: Schneier, Bruce. “Data and Goliath.” W. W. Norton & Company. iBooks.
This material may be protected by copyright

Not to repeat what other reviewers have said, this book is a thorough and excellent treatise on the public's erosion of privacy, and what can be done about it. Towards the middle, though, the author spends a hundred or so pages scolding the government, the NSA and making a hero out of Edward Snowden, but redeems himself at the end when he shows how we can contribute to limiting government's and corporations limitless use of our personal data and summarizes the trade-offs between the benefits and costs to the loss of privacy. I do not consider Snowden a hero, not because I disapprove of his whistle blowing, but that he did so to our enemies.

Very informative and interesting read. The book does not look as long as it is because the 400 pages really cuts down to 200 due to recognitions and others in the back. This book is very informative in talking about the history of security. The author Bruce talks about the history, but also gives recommendations on what you should do as a consumer.

Bruce Schneier covers all the bases, weaving together countless news stories and recent revelations to give us the big-picture view on data and its uses in our times. Pulled together in one place, Schneier illustrates the urgency of finding reasonable solutions to these hidden trade-offs that we’ve largely accepted because we never had much of a choice. And refreshingly, he offers his set of solutions and next steps.

Schneier's solutions—like “incent new business models” for corporations that run on data (which I agree — offer broad strokes, but lack practicalities of exactly *how* to do that. Also, Schneier does not present a concise definition of surveillance. He shows how the same data can be used for improving systems as can be used to monitor and track users to control or coerce them. But to me, it is important to unpack some dissection of *intent* in the use of that same data. A clearer definition of surveillance, to what ends, seems necessary.

This book is timely, and one of the first to lay down the stakes of our data-driven society. It is a must read for anyone with an interest and sense of the importance of our data-society: citizen, consumer, government employee, marketer, tech company, and so on.

Disclosure: Bruce is a friend and colleague at the Berkman Center for Internet and Society, and I had the honor to read and comment on drafts of the book in various forms.

This book should be required reading before having any discussion on the internet and privacy. Not because Bruce Schneier so clearly explains what has already been given up, but he also explains why, and how it does help us. Whether you're a civil libertarian, geek or just plain old have fears of Big Tech or Big Gov, this book is enjoyable and informative.

Schneier is a household name in the security community and his new book is an important read when it comes unwanted surveillance, government or otherwise. However, I think he misses the point when it comes to corporate surveillance. He seems to suggest that when Facebook collects data on us in return for providing a service (social networking), that our data is worth far more than the service provided in exchange, and often implies that the service provided is worthless. This is akin to the "professional" who makes $1,000 an hour, but can only find employment for 1 hour per week, or all those baseball cards we've all saved and are going to retire from the sale of them - theyre worthless without a market/buyer. Most people dont have the ability or time to collect and sell their data, valuable as it is, and therefore trade what they deem essentially worthless for a service they feel is worth something. One man's trash is another's treasure. We could go down the rabbit hole on this and debate another book's worth of material, but I just wish this topic wasn't presented so one-sided and dismissively, since it is a topic of great importance. But this is still another must read book by Schneier.

A brilliant book by Bruce Schneier that describes in detail the surveillance that citizens around the globe are subject to. Particularly useful is chapter 15 in which Schneier gives practical advice, which hopefully many people will integrate into their daily life.

Amazing amount of credible research. Certainly thought provoking for techies and anyone interested in learning the tradeoffs between privacy and security. Obviously an author with hands-on in the subject area. Very well done!